Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Cyber-Ark issues warning over protection against google hack utility.

CyberArk Software : 28 February, 2008  (Technical Article)
Ability to google for credit card numbers and passwords using sophisticated hacking software brings additional dangers to unprotected databases.
Cyber-Ark has warned companies to protect their data using all available resources, following news that the Cult of the Dead Cow hacking group has released Goolag Scan, a hacking utility overlay for Google.

'Advanced Google searching has been known about in security circles for some time, but it has been a highly specialised and technical topic that is definitely not for non-programmers,' said Calum Macleod, Cyber-Ark's European director.

'What Goolag Scan does is to allow even a novice to scan Google for interesting and normally hidden Web-based data, using more than 1,500 customised Google search routines,' he added.

Data which can be revealed by the Windows-based application reportedly includes passwords on application servers, credit card numbers and allied databases held on Web- accessible portals, company email records and audit logs, and a variety of other company confidential information.

'A lot of companies protect their Web-based and Internet gateway- accessible data using ID and password systems, but the actual data pages are often unprotected. Even though the pages are not indexed in the standard sense, Goolag Scan can prise the data out into the open and allow standard keyword searching on those pages,' said Macleod.

According to the Cyber-Ark European director, whilst some security sources have played down the importance of Goolag Scan's development, he argues it shows the increasing sophisticated amongst hackers.

'We're reaching the stage where advanced hackers can pass on their abilities to novice or newbie hackers using quite complex applications,' he said.

'The bad news is that the altruistic nature of the non-criminal hacking community is such that these applications are being offered for free,' he added.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo